CVE-2018-18817

The Leostream Agent before Build 7.0.1.0 when used with Leostream Connection Broker 8.2.72 or earlier allows remote attackers to modify registry keys via the Leostream Agent API...

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...

Fujitsu Security Solution AuthConductor Client Basic 访问控制错误漏洞

Fujitsu Security Solution AuthConductor Client Basic is a client component of an authentication system from Fujitsu Japan. An access control error vulnerability exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier versions, which stems from the presence of a sour...

PT-2026-1555

Name of the Vulnerable Software and Affected Versions Fujitsu Security Solution AuthConductor Client Basic V2 versions 2.0.25.0 and earlier Description An origin validation error exists in the software. Successful exploitation could allow an attacker who has access to the Windows system where the...

PT-2025-52652

Name of the Vulnerable Software and Affected Versions K7 Ultimate Security version 17.0.2045 Description A local privilege escalation issue exists in K7 Ultimate Security antivirus. A local unprivileged user on default installations can exploit insecure access to a named pipe to modify any regist...

EUVD-2020-28753

Malware in sbrugna...

EUVD-2003-1111

Malware in sbrugna...

EUVD-2016-4993

Malware in sbrugna...

EUVD-2017-13015

Malware in sbrugna...

EUVD-2023-52439

Malicious code in bioql PyPI...

EUVD-2023-29113

Malicious code in bioql PyPI...

EUVD-2024-49604

Malicious code in bioql PyPI...

EUVD-2025-18161

Malicious code in bioql PyPI...

windows-privesc-check

It is an offensive tool for Windows privilege escalation checking. The tool, windows-privesc-check, is a standalone executable that runs on Windows systems, attempting to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or access local apps. I...

PT-2025-29944 · Lenovo · Lenovo Vantage

Name of the Vulnerable Software and Affected Versions: Lenovo Vantage affected versions not specified Description: Lenovo Vantage contains an improper validation issue that may allow a local attacker to execute code with elevated permissions. This is achieved by modifying specific registry...

CVE-2025-35978

Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be...

UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints

Overview UpdateNavi provided by Fujitsu Client Computing Limited contains the following vulnerability. Improper restriction of communication channel to intended endpoints CWE-923 Shu Yoshikoshi of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVE-2025-35978

Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be...

CVE-2025-35978

UpdateNavi V1.4 L10–L33 and UpdateNaviInstallService 1.2.0091–1.2.0125 suffer from improper restriction of the communication channel to intended endpoints (CWE-923). This local vulnerability allows a local authenticated attacker sending malicious data to modify registry values or execute arbitrar...